Updated on 2024-11-29 GMT+08:00

Creating a KMS User

Scenario

This section describes how to create a user and associate the user with the key management permission on FusionInsight Manager after the KMS service is successfully installed and how to manage keys and encrypt HDFS partitions.

Prerequisites

  • The KMS service has been installed and connected to a third-party KMS server.
  • KMS roles have been created. For details, see Creating a KMS Role.

Procedure

  1. Log in to FusionInsight Manager.
  2. Choose System > Permission > User.
  3. Click Create.
  4. Set Username. The username can contain 3 to 32 characters, including digits, letters, underscores (_), hyphens (-), and spaces. It cannot start with a hyphen (-) and is case insensitive. The username cannot be the same as an existing username in the system or OS.
  5. Select Human-Machine for User Type.
  6. Set User Group and Primary Group as required.

    Users in the kmsadmin group have the read permission on all keys.

  7. In the Role area, click Add, select roles with the KMS key operation permissions and other roles as required.
  8. Click OK.